Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          2f+QKh86+XhXm/38fZo7LSabIEqEt5mA+8dYHjk0xG0=
Subject key identifier:   5C:5D:9A:FF:12:F3:06:32:A0:C8:7B:5F:71:07:D4:32:1A:D1:82:2A
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019D98F5663BE9DD1286D606A45514A25F26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0BDE
Signing time:             Fri 17 Apr 2026 01:01:52 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:52 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:52 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: ch3SeN1R5Gi2LsdmpkPV4d5FE5l8ZouHIx9CtL/U+zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:66:3b:e9:dd:12:86:d6:06:a4:55:14:a2:5f:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Apr 17 01:01:52 2026 GMT
            Not After : Apr 18 01:01:52 2026 GMT
        Subject: CN=5c5d9aff12f30632a0c87b5f7107d4321ad1822a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d9:09:80:4f:65:53:ac:28:29:f1:be:37:f8:
                    7e:dd:06:d6:0d:b8:b5:fb:98:9e:e9:aa:02:e5:ec:
                    d9:9e:b7:28:1c:27:7f:7a:4e:98:c1:81:33:6c:2b:
                    f7:71:2f:5d:ba:4f:5e:8a:b3:da:9b:43:ad:0f:0f:
                    3e:05:ca:78:b0:3b:99:fa:02:0d:dd:8c:23:95:ed:
                    86:72:34:bb:13:c3:74:87:e3:fc:0c:23:65:77:d4:
                    de:be:72:17:95:c1:24:36:f6:36:27:51:68:e7:ad:
                    f8:ee:50:ad:c6:d4:b2:03:bd:5d:14:be:33:d7:3e:
                    20:f4:5a:fc:33:0b:50:2a:ee:a9:68:bf:fb:84:82:
                    c4:78:cc:ac:3a:db:dc:87:e5:f0:34:23:bd:ce:c5:
                    21:7f:34:23:18:d8:a5:47:9d:0c:ee:73:30:09:0d:
                    b9:49:5c:32:98:11:64:e7:c0:3b:ce:2e:55:33:be:
                    82:31:58:ca:ff:e6:3b:ea:1b:93:68:9f:92:eb:9d:
                    71:31:e5:e5:7d:4b:07:ff:1e:2c:0f:35:20:a9:4d:
                    b9:ca:5e:3b:f8:21:30:2d:8e:d2:8e:1d:d9:e5:7e:
                    4b:f2:16:e4:6a:f8:74:d5:33:94:25:7c:57:41:79:
                    15:63:2a:e5:01:80:b8:fb:ec:5f:ba:85:8b:ca:ad:
                    fb:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:5D:9A:FF:12:F3:06:32:A0:C8:7B:5F:71:07:D4:32:1A:D1:82:2A
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:c4:cf:5e:a4:9e:e2:3d:41:d6:b5:36:f8:d9:d0:3c:1d:49:
         02:8c:7b:ef:96:3f:e5:5e:b3:6f:cb:82:79:f0:84:f1:4a:6c:
         c0:3a:2a:ea:c2:11:34:d6:7a:07:9d:56:da:61:e8:28:80:4b:
         ff:fc:e2:d2:a1:b7:fb:5f:4c:27:f1:5b:51:f5:24:c8:03:a1:
         19:bd:67:d3:e6:40:6d:db:97:7e:4e:d7:2c:a4:3d:73:ce:73:
         61:ba:9e:86:f9:ee:30:2e:cc:58:8a:a1:29:32:56:4e:ac:f9:
         de:67:b2:d2:af:d5:41:4b:13:4c:44:ee:22:5a:d4:49:24:2a:
         00:4a:e4:7f:df:37:30:a6:df:76:58:94:46:ca:92:a9:93:90:
         dc:1e:f2:8c:d1:d7:a8:16:e2:b3:c0:5b:16:a1:0c:d0:92:22:
         7e:96:a3:d8:bc:8c:e3:b4:9b:11:ea:fa:43:dd:97:e6:32:91:
         e8:f7:aa:8f:6d:18:83:fc:97:85:0a:3f:2e:59:3d:b8:b5:39:
         58:74:76:36:13:98:d7:b6:c6:ad:e2:4f:0c:d3:29:6f:56:29:
         aa:b2:d6:00:2f:47:44:8b:fa:5d:8d:7d:79:b7:cf:fd:ff:0b:
         43:18:c9:3c:46:ec:00:03:21:19:40:81:1a:7d:40:83:5e:91:
         60:49:d5:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9WY76d0ShtYGpFUUol8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjYwNDE3MDEwMTUyWhcNMjYwNDE4MDEwMTUyWjAzMTEwLwYDVQQD
Eyg1YzVkOWFmZjEyZjMwNjMyYTBjODdiNWY3MTA3ZDQzMjFhZDE4MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tkJgE9lU6woKfG+N/h+3QbWDbi1
+5ie6aoC5ezZnrcoHCd/ek6YwYEzbCv3cS9duk9eirPam0OtDw8+Bcp4sDuZ+gIN
3Ywjle2GcjS7E8N0h+P8DCNld9TevnIXlcEkNvY2J1Fo56347lCtxtSyA71dFL4z
1z4g9Fr8MwtQKu6paL/7hILEeMysOtvch+XwNCO9zsUhfzQjGNilR50M7nMwCQ25
SVwymBFk58A7zi5VM76CMVjK/+Y76huTaJ+S651xMeXlfUsH/x4sDzUgqU25yl47
+CEwLY7Sjh3Z5X5L8hbkavh01TOUJXxXQXkVYyrlAYC4++xfuoWLyq37+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxdmv8S8wYyoMh7X3EH1DIa0YIqMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeMTPXqSe
4j1B1rU2+NnQPB1JAox775Y/5V6zb8uCefCE8UpswDoq6sIRNNZ6B51W2mHoKIBL
//zi0qG3+19MJ/FbUfUkyAOhGb1n0+ZAbduXfk7XLKQ9c85zYbqehvnuMC7MWIqh
KTJWTqz53mey0q/VQUsTTETuIlrUSSQqAErkf983MKbfdliURsqSqZOQ3B7yjNHX
qBbis8BbFqEM0JIifpaj2LyM47SbEer6Q92X5jKR6Peqj20Yg/yXhQo/Llk9uLU5
WHR2NhOY17bGreJPDNMpb1YpqrLWAC9HRIv6XY19ebfP/f8LQxjJPEbsAAMhGUCB
Gn1Ag16RYEnVGg==
-----END CERTIFICATE-----